Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/66c75786-d155-4d77-8244-4d1048cecdfa.roa
File: 66c75786-d155-4d77-8244-4d1048cecdfa.roa (raw, json)
Hash identifier: 8VYx3Q7xQPf92pA7kJk84sNMcTJWYKp97wMuBJXGHYo=
Subject key identifier: FE:F4:FD:95:53:27:B0:1B:64:13:92:FE:89:2B:08:8B:08:CB:4B:C4
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 06549BA7A5E49879666A549470194CFCBBF49F5F
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/66c75786-d155-4d77-8244-4d1048cecdfa.roa
Signing time: Wed 18 Dec 2024 00:00:00 +0000
ROA not before: Wed 18 Dec 2024 00:00:00 +0000
ROA not after: Wed 22 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafb:800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:54:9b:a7:a5:e4:98:79:66:6a:54:94:70:19:4c:fc:bb:f4:9f:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Dec 18 00:00:00 2024 GMT
Not After : Jan 22 23:59:59 2025 GMT
Subject: serialNumber=801b007029c4c18c0b31fbbcc5a9208d3a2ae1f40de562bf53f3bace0f6f5196, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:16:4c:1d:fb:09:0c:f2:57:fb:ef:97:49:94:
1b:10:c0:63:8e:4f:7b:d1:6b:27:ab:b9:52:3e:85:
83:7d:e9:a6:fd:49:a1:15:56:25:ec:06:e1:5b:b9:
67:0e:e1:53:b0:63:eb:8b:1b:68:b3:ba:4a:18:c6:
9b:11:00:37:2d:e8:ee:7f:1a:7a:2f:89:0f:ab:57:
fe:3b:c9:f2:94:2c:a8:c6:7e:21:a9:ed:b1:f9:41:
0b:4e:39:de:80:af:e0:61:2c:3f:6e:d5:60:ab:5d:
fe:c6:4e:75:4e:bf:c9:04:dc:f8:05:cc:48:c6:35:
65:67:28:64:e1:a8:8e:f4:cf:ce:c5:96:06:85:01:
bb:44:59:24:6f:2c:c6:9c:80:d8:97:c4:6c:63:cb:
56:6e:63:6b:b2:fa:34:6b:16:ca:89:a2:5f:f8:22:
c2:76:59:15:5c:db:dc:fc:50:74:64:37:e4:68:04:
e0:7a:31:c2:a8:9f:6b:8e:68:a1:b7:94:6d:b9:a2:
42:34:2a:6d:f1:ad:3a:06:98:b6:0b:64:a7:0f:16:
af:0a:b0:a4:04:63:14:d5:7e:0e:b4:b6:30:17:0c:
b8:19:f2:d1:99:ba:8a:d4:95:06:56:4d:08:1d:dd:
8a:98:11:e6:23:a4:4b:50:71:64:8f:6a:59:49:42:
64:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:F4:FD:95:53:27:B0:1B:64:13:92:FE:89:2B:08:8B:08:CB:4B:C4
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/66c75786-d155-4d77-8244-4d1048cecdfa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafb:800::/40
Signature Algorithm: sha256WithRSAEncryption
bf:9d:47:26:88:a6:81:5b:36:8c:76:82:f7:02:12:be:94:a8:
20:b7:7a:78:28:c9:76:d0:93:cd:45:df:bc:cd:32:23:dd:e3:
0e:63:ac:76:16:ba:27:6e:2e:7a:b8:51:4b:82:17:35:75:48:
33:b2:8c:b9:32:33:cd:9b:12:72:74:cb:18:97:2b:c6:70:f9:
46:63:33:ba:47:29:8d:6d:c9:7b:d6:15:5d:60:21:4f:b0:65:
8a:5e:04:f3:7f:b8:04:7b:86:ba:91:07:fc:be:1a:5e:df:3a:
38:4e:62:39:f6:de:44:97:8c:de:31:13:78:c9:05:f7:78:c5:
16:72:dc:83:3c:a8:62:a8:2d:8b:75:dc:b7:96:80:bb:db:e2:
af:56:2d:03:66:ad:fc:71:07:f2:ea:75:c6:1f:70:9a:d0:73:
92:28:82:57:58:fc:62:c2:27:d7:2b:bf:65:4b:0c:ed:66:83:
ed:de:d2:de:22:38:f8:a8:6d:58:fd:93:7b:58:9d:cb:7a:3f:
ac:c8:5b:c5:17:01:da:ec:bf:7b:25:b9:1f:23:2c:bc:af:71:
35:39:96:27:b9:b3:a6:95:c9:cb:78:6f:b4:7e:88:75:0a:b5:
d6:29:5a:f4:44:10:67:f3:e5:ea:07:2f:05:f6:ef:27:24:2f:
da:d0:9c:1b
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUBlSbp6XkmHlmalSUcBlM/Lv0n18wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxODAwMDAwMFoX
DTI1MDEyMjIzNTk1OVowejFJMEcGA1UEBRNAODAxYjAwNzAyOWM0YzE4YzBiMzFm
YmJjYzVhOTIwOGQzYTJhZTFmNDBkZTU2MmJmNTNmM2JhY2UwZjZmNTE5NjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxZMHfsJDPJX+++XSZQbEMBjjk97
0Wsnq7lSPoWDfemm/UmhFVYl7AbhW7lnDuFTsGPrixtos7pKGMabEQA3Lejufxp6
L4kPq1f+O8nylCyoxn4hqe2x+UELTjnegK/gYSw/btVgq13+xk51Tr/JBNz4BcxI
xjVlZyhk4aiO9M/OxZYGhQG7RFkkbyzGnIDYl8RsY8tWbmNrsvo0axbKiaJf+CLC
dlkVXNvc/FB0ZDfkaATgejHCqJ9rjmiht5RtuaJCNCpt8a06Bpi2C2SnDxavCrCk
BGMU1X4OtLYwFwy4GfLRmbqK1JUGVk0IHd2KmBHmI6RLUHFkj2pZSUJkrQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFP70/ZVTJ7AbZBOS/okrCIsIy0vEMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzY2Yzc1Nzg2LWQxNTUtNGQ3Ny04MjQ0LTRkMTA0OGNlY2RmYS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba+wgwDQYJKoZIhvcNAQELBQADggEBAL+dRyaIpoFbNox2gvcC
Er6UqCC3engoyXbQk81F37zNMiPd4w5jrHYWuiduLnq4UUuCFzV1SDOyjLkyM82b
EnJ0yxiXK8Zw+UZjM7pHKY1tyXvWFV1gIU+wZYpeBPN/uAR7hrqRB/y+Gl7fOjhO
Yjn23kSXjN4xE3jJBfd4xRZy3IM8qGKoLYt13LeWgLvb4q9WLQNmrfxxB/LqdcYf
cJrQc5IogldY/GLCJ9crv2VLDO1mg+3e0t4iOPiobVj9k3tYnct6P6zIW8UXAdrs
v3sluR8jLLyvcTU5lie5s6aVyct4b7R+iHUKtdYpWvREEGfz5eoHLwX27yckL9rQ
nBs=
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:04:49 2025 by rpki-client